Driven by necessity, Mozilla to enable HTML5 DRM in Firefox

Browser company fearful that users would follow Netflix to other browsers.

Mozilla announced today that it will follow the lead of Microsoft, Google, and Apple and implement support for the contentious HTML5 digital rights management specification called Encrypted Media Extensions (EME).

The organization is partnering with Adobe to make the change. Mozilla will provide the hooks and APIs in Firefox to enable Web content to manipulate DRM-protected content, and Adobe will provide a closed source Content Decryption Module (CDM) to handle the decryption needs.

For a group that's committed to open standards and open source, this was a difficult decision. DRM, which tends to restrict fair use access to copyrighted content, and closed source modules both run counter to Mozilla's goals. Explaining the decision, Mozilla Foundation CEO Mitchell Baker argued that the decision was driven by necessity. With Internet Explorer, Chrome, and Safari all enabling EME, Mozilla faced a problem: if it refused to support EME, it risked driving users seeking to watch DRM-protected content to other browsers.

That streaming media companies want to use EME is beyond doubt. Netflix, for example, offers an HTML5-based player using EME as an alternative to its Silverlight-based front-end. This HTML5 player works in both Chrome and Internet Explorer 11. Baker argues that users will tend to follow the content and hence switch to these browsers whenever they want to watch protected content. This in turn leads those users to question the use of Firefox entirely.

This push for HTML5 and EME is likely to accelerate, too. Google is trying to deprecate support for browser plugins, a move that will, in time, eliminate both Silverlight and Flash as delivery mechanisms for DRM-protected content. For broadcasters that want to target the Web, EME will be the only practical option. This will increase the pressure faced by Mozilla.

As much as Mozilla as an organization may dislike DRM, and as much as it may believe the EME specification to be flawed, Baker says that Mozilla cannot change the industry alone. As such, it needs to support DRM, too. The choice of whether to use the DRM facilities will be left to the end user, and those who do not want to use it can elect not to activate it. The CDM will not actually be distributed with Firefox, either; if users elect to use it, it will be downloaded from Adobe.

In a more technical post, Mozilla CTO Andreas Gal outlines some of the ways that the Firefox developers have tried to isolate the Adobe CDM to ensure that this closed source black box cannot breach user privacy or undermine system security. The CDM is run in an isolated sandbox without access to the network or the user's hard drive.

HTML5's DRM system also includes a unique identifier that content providers can use to identify devices. Mozilla has taken pains to make this as minimally invasive as possible. Firefox will give each site a unique ID, preventing providers from tracking users across multiple sites. The ID will also not disclose any details of the underlying hardware.

As a silver lining, Gal writes that implementing EME will make it easier for Mozilla to phase out support for general purpose plugins, as HTML5 DRM eliminates one of the biggest use cases for these plugins.

In some ways, the DRM issue mirrors the earlier video codec issue. For a long time, Mozilla refused to implement support for H.264-encoded video because of the licensing and patent issues associated with that compression algorithm. But driven by the need to play back the video that was abundant on the Web—and the battery efficiency that comes from leveraging hardware-accelerated H.264 playback—the group eventually relented.

There are some similarities in the way Mozilla has chosen to resolve the issue, too. For H.264 support, Firefox defers to third-party code that's often closed source: the built-in H.264 codecs available on Windows and OS X and the hardware support found in the chips used in tablets and smartphones.

In both cases, Mozilla found itself unable to change the direction of media industry juggernauts. DRM, like H.264, is entrenched in the video industry, and the proliferation of apps strongly suggests that content producers would sooner give up the Web before giving up content protection. Combined with a userbase that seems largely indifferent to the concerns raised—Netflix users are demonstrably willing to use DRM, for example—Mozilla's leverage is minimal at best.

This is not to say that the organization has not tried. Mozilla has pushed watermarking as a superior alternative to DRM, but this approach seems to have done little to interest content owners. Without some large user-driven pushback against DRM, it's hard to see this situation changing.

Promoted Comments

Funny how psychology works. I have no problem with Netflix using DRM, because it's very clear that their offering is like a "channel", to which you have unlimited access during the time you pay for the subscription.

On the other hand, I highly resent DRM in things like ebooks that I've paid for, because I've bought them and they should be MINE, perpetually.